I'm running CFMX 6.1 on our server.
I have two form fields (type=text on one of them and the other is
type=textarea) which post to a results page. I use these two fields in my
MySQL insert statement to populate a database table.
ISSUE: The script works fine for populating whatever the user types in the two
form fields as long as they don't start and end the text typing with
quotations. ie: "The data entry in this form field."
I've tried REReplace, Replace, HTMLeditformat() in about as many variations as
I've found on this forum.
The simplest thought was ...

Re: removing quotes in form field

Re: removing quotes in form field

1) I don't think there is any need for cfqueryparam.
2) I would suggest that, rather than remove quotes, you actually add more
quotes as an "escape" mechanism. For data integrity you should store what the
client sends you. He may be telling a story that begins with a quotation mark
and
ends with a quotation mark, requring you to store the information as-is.

One of course escapes quotes with quotes in Coldfusion. So, something like
this
should do it.
<cfset testVar=Replace(form.myField,chr(34),"""""","all") >
<cfquery name="q" datasource="My_DSN">
insert into testtable values('#testVar#', 'aaaa','bbbb','cccc','on',3,'ffff');
</cfquery>